package com.xxmw.transaction.controller;

import com.xxmw.transaction.common.entity.P;
import com.xxmw.transaction.common.entity.R;
import com.xxmw.transaction.model.SysUser;
import com.xxmw.transaction.service.SysUserRoleService;
import com.xxmw.transaction.service.SysUserService;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.Date;
import java.util.List;

@RestController
@RequestMapping("/admin/user")
public class SysUserController extends BaseController {

	@Autowired
	private SysUserService sysUserService;

	@Autowired
	private SysUserRoleService sysUserRoleService;

	@GetMapping("/list")
	@RequiresPermissions("system:user:list")
	public R list(@RequestParam(value = "pageNum", defaultValue = "1") Integer pageNum,
			@RequestParam(value = "pageSize", defaultValue = "20") Integer pageSize) {
		P<SysUser> list = sysUserService.getList(pageNum, pageSize, getUserId());
		return R.ok(list);
	}

	/**
	 * 获取登录的用户信息
	 */
	@GetMapping("/info")
	public R info(){
		return R.ok().put("user", getUser());
	}

	@GetMapping("/info/{userId}")
	public R info(@PathVariable("userId") Long userId) {
		SysUser user = sysUserService.getById(userId);
		if(user == null) {
			return R.error("用户不存在");
		}
		user.setPassword("");
		user.setSalt("");
		List<Long> roleIdList = sysUserRoleService.getRoleIdList(userId);
		user.setRoleIdList(roleIdList);
		return R.ok(user);
	}

	/**
	 * 验证用户名是否存在
	 * @param username
	 * @return
	 */
	@GetMapping("/exists/{username}")
	public R exists (@PathVariable String username) {
		SysUser user = sysUserService.getByUserName(username);
		if (null == user) {
			return R.ok();
		}
		return R.error("用户名已存在");
	}

	@PostMapping("/save")
	@RequiresPermissions("system:user:save")
	public R save(@RequestBody SysUser user) {
		user.setUserId(null);
		user.setCreated(new Date());
		user.setAdder(getUserId());
		String salt = RandomStringUtils.randomAlphanumeric(20);
		user.setPassword(new Sha256Hash(user.getPassword(), salt).toHex());
		user.setSalt(salt);
		sysUserService.addOrUpdate(user);
		return R.ok();
	}

	@PostMapping("/update")
	@RequiresPermissions("system:user:save")
	public R update(@RequestBody SysUser user) {
		String salt = RandomStringUtils.randomAlphanumeric(20);
		user.setPassword(new Sha256Hash(user.getPassword(), salt).toHex());
		user.setSalt(salt);
		sysUserService.addOrUpdate(user);
		return R.ok();
	}

	/**
	 * 删除用户
	 */
	@PostMapping("/delete")
	@RequiresPermissions("system:user:delete")
	public R delete(@RequestBody Long[] userIds){
		if(ArrayUtils.contains(userIds, 1L)){
			return R.error("系统管理员不能删除");
		}

		if(ArrayUtils.contains(userIds, getUserId())){
			return R.error("当前用户不能删除");
		}

		sysUserService.deleteBatch(userIds);

		return R.ok();
	}

}
